[pmwiki-users] AuthUser and an external DB

Jeff Brown sparks at ts4b.com
Mon Sep 10 17:38:14 CDT 2007


Hi

I am new to PmWiki. Trying to get AuthUser to authenticate against a forum 
database. I want only my forum members to edit wiki pages. For a couple 
reasons, I am not using AuthUserDB, I am calling the PHP ODBC module directly.

I've written a script (based on AuthUserBBPress) which queries my database 
and returns true/false on user, pswd challenge.  This code is at the end of 
this email. I've tested this script on it's own and it works.

Along with defining the SnitzAuthDB in my config, I have:

$DefaultPasswords['edit'] = 'id:*';
include_once "cookbook/snitzauth.php";
include_once 'scripts/authuser.php';

Do I need something on my Site.AuthUser page to tell AuthUser how to call 
my script, snitzauth.php?

When trying to edit any page, I get a user/pass challenge, but only 
"Name/password not recognized".

Can anyone point me in the right direction?

Many Thanks - Jeff



<?php if (! defined ('PmWiki')) exit;

/*
  * Authenticate Against a Snitz Forums user database using ODBC to a DSN
  *
  * To use, import and set the SnitzAuthDb array as follows:
  * $SnitzAuthDb = array(
  *    'dsn' => 'connection name',
  *    'user' => 'dbuser',
  *    'password' => 'dbpass',
  *    'table' => 'FORUM_MEMBERS',
  *    'userfield' => 'M_NAME',
  *    'pwfield' => 'M_PASSWORD'
  * );
  */

$AuthUserFunctions['snitz'] = 'AuthUserSnitz';

function AuthUserSnitz($pagename, $id, $pw, $pwlist) {
   global $SnitzAuthDb;

   $link = 
odbc_connect($SnitzAuthDb['dsn'],$SnitzAuthDb['user'],$SnitzAuthDb['password']);
   if (!$link)  die('Could not connect: '.odbc_error());

   $user = $SnitzAuthDb['userfield'];
   $pass = $SnitzAuthDb['pwfield'];
   $table = $SnitzAuthDb['table'];

   $id = user_sanitize($id);
   $pw = user_sanitize(hash('sha256', $pw));
   $ask = "SELECT * from $table WHERE $user='$id' AND $pass='$pw';";

   $result = odbc_exec($link, $ask);
   if (!$result) die("Could not successfully run query ($query) from DB: 
".odbc_error());

  return (abs(odbc_num_rows($result)) > 0) ? true : false;
}

function user_sanitize( $text ) {
     $text = preg_replace('/[^a-z0-9_-]/i', '', $text);
         return $text;
}

?>


-- 
No virus found in this outgoing message.
Checked by AVG Free Edition. 
Version: 7.5.485 / Virus Database: 269.13.14/999 - Release Date: 9/10/2007 5:43 PM





More information about the pmwiki-users mailing list